Reference Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series FIPS

24|

Aruba 7200 Series Controllers FIPS 140-2 Level 2 Security Policy

Table 6 CSPs/Keys Used in Aruba Controllers

password

by the CO command

write erase all.

37 SNMPv3privacy

password

8-64 character

password

CO configured

Stored in flash

memory encrypted

with KEK. Zeroized

by the CO command

write erase all.

Used to derive

SNMPv3 session key

38 SNMPv3sessionkey

AES-CFB key (128

bits)

Derived from SNMPv3

privacy password using

an approved KDF

Stored in volatile

memory. Zeroized on

reboot.

Secure channel for

SNMPv3 management

Self-Tests

The Aruba Controller performs both power-up and conditional self-tests. In the event any self-test fails,

the controller will enter an error state, log the error, and reboot automatically.

The following self-tests are performed:

ArubaOS OpenSSL Module:

 AES (encrypt/decrypt) KATs

 Triple-DES (encrypt/decrypt) KATs

 DRBG KAT

 RSA KAT

 ECDSA Sign/Verify

 SHS (SHA1, SHA256, SHA384 and SHA512) KATs

 HMAC (HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512) KATs

ArubaOS Crypto Module

 AES (encrypt/decrypt) KATs

 Triple-DES (encrypt/decrypt) KAT

 SHA (SHA1, SHA256, SHA384 and SHA512) KAT

 HMAC (HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512) KAT

 RSA KAT

 ECDSA Sign/Verify

 FIPS 186-2 RNG KAT

ArubaOS UBoot BootLoader Module

 Firmware Integrity Test: RSA PKCS#1 v1.5 (2048 bits) signature verification with SHA-1